With the risks of COVID-19 expected to be present until a vaccine is available, educational institutions across Southeast Asia (SEA) are forced to adapt to this unique situation. The unexpected disruption required educators to move offline schooling to remote or hybrid learning environments, with little to no preparation at all. Aside from the technical aspects of this shift, cybercriminals are also preying on the already burdened sector.
Globally, the total number of DDoS attacks increased by 80% in Q1 2020 when compared to Q1 2019. Moreover, attacks on educational resources accounted for a large portion of this growth. Between January and June 2020, the number of DDoS attacks affecting educational resources increased by at least 350% when compared to the corresponding month in 2019.
In a denial of service (DoS) attacks, cybercriminals attempt to overwhelm a network server with requests for services so that the server crashes — denying users access. DDoS attacks are particularly problematic because they can last anywhere from a couple of days to a few weeks, causing disruptions to organizations’ operations and — in the case of educational resources — denying students and staff access to critical materials.
Kaspersky Security Network (KSN) also showed a steep surge in the number of users in SEA who faced threats disguised as e-learning and videoconferencing platforms during the first three quarters of 2020. Applications and tools include Moodle, Zoom, edX, Coursera, Google Meet, Google Classroom, and Blackboard.
From just 131 affected users on January to March 2020, the second quarter saw Kaspersky solutions protecting 1,483 unique users in SEA against online threats related with virtual education and online videoconferencing applications, a 1032% increase in a per quarter comparison. The global cybersecurity company also monitored a slight decrease to 1,166 users almost infected with malware in the third quarter.
It can be noted that most of the lockdown measures in SEA were implemented in the later part of March. As COVID-19 cases declined, some countries like Vietnam and Thailand were able to relax their restrictions after the second quarter of the year.
Kaspersky suggests the following steps on how educators can improve their security online:
1. Learn about the tools you are using – Know their capabilities and features as well as you can, by reading through the instructions, learning the interface, and searching on the Internet for configuration guides. Ensure that you follow the rules set by your institution as well.
2. Limit your tools – The IT tools you select to conduct classes should be convenient for both teacher and students. More tools does not necessarily mean a better experience. Before starting classes, make sure you have sufficient tools for the job and that all participants in the educational process are comfortable using them.
3. Set a unique password for each service – For every account, you need one unique password. Of course, all of your passwords should be strong — long enough and not too obvious.
4. Guard your educational accounts – Pay careful attention to the accounts you use for educational purposes. You should have no problems accessing them at any moment, and no one else should be able to log in to them.
5. Understand how to recognize phishing e-mails – It is important to know how to distinguish phishing attempts from official mailings and the messages legitimate services might send. Phishing sites often contain errors, misaligned layouts, and broken links, but sometimes scammers manage to create phishing pages that are indistinguishable from the real thing.
6. Protect devices – You need reliable protection on every device you use to access educational resources. If a student’s school computer is crawled by ransomware, for example, restoring the computer and files can waste a lot of valuable time.
And if a teacher’s computer becomes compromised, things can get even more interesting. Some malware may try to spread to students’ devices. That is why you need reliable protection on all computers, smartphones, and tablets.
Find out more about Kaspersky latest report on the risks against the education sector here.